First published: Mon Dec 15 2014(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Libvncserver Libvncserver | <=0.9.9 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Debian Debian Linux | =7.0 | |
debian/libvncserver | 0.9.13+dfsg-2+deb11u1 0.9.14+dfsg-1 | |
debian/tightvnc | 1:1.3.10-3 1:1.3.10-7 1:1.3.10-9 | |
debian/vino | 3.22.0-6 3.22.0-7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2014-6053 is a vulnerability in LibVNCServer that allows remote attackers to cause a denial of service or memory consumption.
The vulnerability occurs because the rfbProcessClientNormalMessage function in libvncserver/rfbserver.c does not handle large amounts of ClientCutText data properly.
CVE-2014-6053 has a severity level of medium.
The vulnerability affects LibVNCServer versions 0.9.9 and earlier.
To fix the vulnerability, you should update LibVNCServer to version 0.9.9 or later.